Security News

Protecting distributed branch office environments from ransomware
2024-03-18 03:00

The serious scale of the threat posed by ransomware attacks in the UK, Europe and globally was bought into sharp focus by the UK House of Commons/House of Lords Joint Committee on the National Security Strategy in its December 2023 report, A hostage to fortune: ransomware and UK national security. Huawei aims to do just that, having unveiled its new HiSec SASE Solution - designed to deliver cloud-network-edge-endpoint integrated intelligent protection and provide consistent security assurance for both enterprise headquarters and branch offices - at last month's Mobile World Congress in Spain.

StopCrypt: Most widely distributed ransomware evolves to evade detection
2024-03-14 20:59

A new variant of StopCrypt ransomware was spotted in the wild, employing a multi-stage execution process that involves shellcodes to evade security tools. StopCrypt, also known as STOP Djvu, is the most widely distributed ransomware in existence that you rarely hear about.

StopCrypt: Most widely distributed ransomware now evades detection
2024-03-14 20:59

A new variant of StopCrypt ransomware was spotted in the wild, employing a multi-stage execution process that involves shellcodes to evade security tools. StopCrypt, also known as STOP Djvu, is the most widely distributed ransomware in existence that you rarely hear about.

LockBit ransomware kingpin gets 4 years behind bars
2024-03-14 18:26

A LockBit ransomware kingpin has been sentenced to almost four years behind bars and ordered to pay more than CA$860,000 in restitution to some of his victims by a Canadian court as he awaits extradition to the US. During a sentencing hearing this week, Justice Michelle Fuerst said 34-year-old Mikhail Vasiliev was a cyber-terrorist who was "Motivated by his own greed," according to CTV News. Vasiliev, a dual Canadian-Russian national living in Bradford, Ontario, pleaded guilty last month to eight counts of cyber-extortion, mischief, and weapons charges against Canadian victims, including businesses in Saskatchewan, Montreal, and Newfoundland.

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
2024-03-14 13:47

A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario...

Nissan confirms ransomware attack exposed data of 100,000 people
2024-03-14 13:04

Nissan Oceania is warning of a data breach impacting 100,000 people after suffering a cyberattack in December 2023 that was claimed by the Akira ransomware operation. Two weeks later, the Akira ransomware gang took responsibility for the attack and claimed it had stolen 100GB of data, including documents containing personal employee information, NDAs, project data, and information on partners and clients.

IT leaders think immutable data storage is an insurance policy against ransomware
2024-03-14 04:00

69% consider this data storage essential to their corporate cybersecurity, and only 12% of those who deployed immutable data storage say it is not essential. This is followed by France at 96%, Germany at 94% and the UK at 85%. While a relatively low number of IT leaders worldwide who currently use immutable data storage do not regard it as "Essential" to their cybersecurity strategy, a larger percentage resides in the UK: 24% of UK respondents have deployed it but say it is not essential to their cybersecurity, compared to 11% in France, 9% in the US and 6% in Germany.

US govt probes if ransomware gang stole Change Healthcare data
2024-03-13 20:16

UnitedHealth Group confirmed in late February that Change Healthcare systems and services were shut down after a cyberattack by "Nation-state" hackers, which was later linked to the BlackCat ransomware gang. Change Healthcare is the largest payment exchange platform used by doctors, healthcare providers, and patients in the U.S. healthcare system and by more than 70,000 pharmacies, while UHG has contracts with over 1.6 million health professionals and 8,000 healthcare facilities across all 50 U.S. states.

The effects of law enforcement takedowns on the ransomware landscape
2024-03-13 15:00

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The researchers pointed out other current trends related to ransomware attacks: the attackers' use of vulnerable drivers, legitimate remote desktop tools, custom data exfiltration tools, and abuse of built-in Windows utilities to steal credentials.

Stanford University failed to detect ransomware intruders for 4 months
2024-03-13 12:05

Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months. Keen readers of El Reg may remember the story breaking toward the end of October 2023 after Akira posted Stanford to its shame site, with the university subsequently issuing a statement simply explaining that it was investigating an incident, avoiding the dreaded R word.